diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2012-02-17 11:50:27 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-04-25 08:47:23 -0400 |
commit | 1575084d8ba8800574c72ee0615a0afadca8375c (patch) | |
tree | ba75b4ddbbbfe81806fb95e62af5aaa13628bdeb | |
parent | 1072b8cc7890bba0180f69765875b3d2198c6729 (diff) | |
download | sssd-1575084d8ba8800574c72ee0615a0afadca8375c.tar.gz sssd-1575084d8ba8800574c72ee0615a0afadca8375c.tar.xz sssd-1575084d8ba8800574c72ee0615a0afadca8375c.zip |
RESPONDERS: Allow increasing the file-descriptor limitsssd-1.5.1-51.el5
This patch will increase the file descriptor limit to 8k or the
limits.conf maximum, whichever is lesser.
https://fedorahosted.org/sssd/ticket/1197
-rw-r--r-- | src/responder/common/responder.h | 3 | ||||
-rw-r--r-- | src/responder/common/responder_common.c | 37 | ||||
-rw-r--r-- | src/responder/nss/nsssrv.c | 4 | ||||
-rw-r--r-- | src/responder/pam/pamsrv.c | 5 |
4 files changed, 49 insertions, 0 deletions
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h index 29bfff06e..c17ccdf1c 100644 --- a/src/responder/common/responder.h +++ b/src/responder/common/responder.h @@ -25,6 +25,7 @@ #include <stdint.h> #include <sys/un.h> #include <pcre.h> +#include <sys/resource.h> #include "config.h" #include "talloc.h" #include "tevent.h" @@ -173,4 +174,6 @@ int sss_dp_send_acct_req(struct resp_ctx *rctx, TALLOC_CTX *callback_memctx, bool sss_utf8_check(const uint8_t *s, size_t n); +void responder_set_fd_limit(rlim_t fd_limit); + #endif /* __SSS_RESPONDER_H__ */ diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index af7a99efd..261d91fb7 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -683,3 +683,40 @@ int sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain, return EOK; } + +void responder_set_fd_limit(rlim_t fd_limit) +{ + struct rlimit current_limit, new_limit; + int limret; + + /* First determine the maximum hard limit */ + limret = getrlimit(RLIMIT_NOFILE, ¤t_limit); + if (limret == 0) { + DEBUG(7, + ("Current fd limit: [%d]\n", + current_limit.rlim_cur)); + /* Choose the lesser of the requested and the hard limit */ + if (current_limit.rlim_max < fd_limit) { + new_limit.rlim_cur = current_limit.rlim_max; + } else { + new_limit.rlim_cur = fd_limit; + } + new_limit.rlim_max = current_limit.rlim_max; + + limret = setrlimit(RLIMIT_NOFILE, &new_limit); + if (limret == 0) { + DEBUG(6, + ("Maximum file descriptors set to [%d]\n", + new_limit.rlim_cur)); + } else { + DEBUG(2, + ("Could not set new fd limits. Proceeding with [%d]\n", + current_limit.rlim_cur)); + } + } else { + DEBUG(2, + ("Could not determine fd limits. " + "Proceeding with system values\n")); + } +} + diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c index cb0acfe13..cfc6c588f 100644 --- a/src/responder/nss/nsssrv.c +++ b/src/responder/nss/nsssrv.c @@ -47,6 +47,7 @@ #define SSS_NSS_PIPE_NAME "nss" #define DEFAULT_PWFIELD "*" +#define DEFAULT_NSS_FD_LIMIT 8192 #define SHELL_REALLOC_INCREMENT 5 #define SHELL_REALLOC_MAX 50 @@ -315,6 +316,9 @@ int nss_process_init(TALLOC_CTX *mem_ctx, return EIO; } + /* Set up file descriptor limits */ + responder_set_fd_limit(DEFAULT_NSS_FD_LIMIT); + DEBUG(1, ("NSS Initialization complete\n")); return EOK; diff --git a/src/responder/pam/pamsrv.c b/src/responder/pam/pamsrv.c index 91ee4a899..1bed212ed 100644 --- a/src/responder/pam/pamsrv.c +++ b/src/responder/pam/pamsrv.c @@ -44,6 +44,8 @@ #include "responder/pam/pamsrv.h" #include "responder/common/negcache.h" +#define DEFAULT_PAM_FD_LIMIT 8192 + #define SSS_PAM_SBUS_SERVICE_VERSION 0x0001 #define SSS_PAM_SBUS_SERVICE_NAME "pam" @@ -174,6 +176,9 @@ static int pam_process_init(TALLOC_CTX *mem_ctx, goto done; } + /* Set up file descriptor limits */ + responder_set_fd_limit(DEFAULT_PAM_FD_LIMIT); + ret = EOK; done: |